129.213.152.245

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): United States of America (the)

运营商(isp): unknown

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

暂无关于此IP的讨论, 沙发请点上方按钮

相同子网IP讨论:

IP	类型	评论内容	时间
129.213.152.224	attackbots	srvr2: (mod_security) mod_security (id:920350) triggered by 129.213.152.224 (US/-/-): 1 in the last 600 secs; Ports: ; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/13 17:46:45 [error] 67397#0: 140925 [client 129.213.152.224] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159733360580.408524"] [ref "o0,15v21,15"], client: 129.213.152.224, [redacted] request: "GET / HTTP/1.1" [redacted]	2020-08-14 00:31:58
129.213.152.224	attack	Unauthorized connection attempt detected from IP address 129.213.152.224 to port 80 [T]	2020-07-06 20:40:40

类型

评论内容

时间

129.213.152.224

attackbots

srvr2: (mod_security) mod_security (id:920350) triggered by 129.213.152.224 (US/-/-): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/13 17:46:45 [error] 67397#0: *140925 [client 129.213.152.224] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host'  [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "159733360580.408524"] [ref "o0,15v21,15"], client: 129.213.152.224, [redacted] request: "GET / HTTP/1.1" [redacted]

2020-08-14 00:31:58

129.213.152.224

attack

Unauthorized connection attempt detected from IP address 129.213.152.224 to port 80 [T]

2020-07-06 20:40:40

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 129.213.152.245
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12525
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;129.213.152.245.		IN	A

;; AUTHORITY SECTION:
.			30	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2025012801 1800 900 604800 86400

;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Jan 29 05:48:46 CST 2025
;; MSG SIZE  rcvd: 108

HOST信息:

Host 245.152.213.129.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 245.152.213.129.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
123.185.56.152	attackspambots	1590478191 - 05/26/2020 09:29:51 Host: 123.185.56.152/123.185.56.152 Port: 445 TCP Blocked	2020-05-26 20:56:11
220.127.148.8	attack	May 26 12:25:35 ns382633 sshd\[12419\]: Invalid user admin from 220.127.148.8 port 45874 May 26 12:25:35 ns382633 sshd\[12419\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.127.148.8 May 26 12:25:37 ns382633 sshd\[12419\]: Failed password for invalid user admin from 220.127.148.8 port 45874 ssh2 May 26 12:39:41 ns382633 sshd\[14735\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.127.148.8 user=root May 26 12:39:43 ns382633 sshd\[14735\]: Failed password for root from 220.127.148.8 port 45762 ssh2	2020-05-26 20:52:17
78.159.97.51	attack	May 26 08:59:48 NPSTNNYC01T sshd[30835]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.159.97.51 May 26 08:59:50 NPSTNNYC01T sshd[30835]: Failed password for invalid user adminttd from 78.159.97.51 port 34156 ssh2 May 26 09:03:22 NPSTNNYC01T sshd[31063]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=78.159.97.51 ...	2020-05-26 21:10:43
200.48.237.52	attackspam	Unauthorized connection attempt from IP address 200.48.237.52 on Port 445(SMB)	2020-05-26 20:41:42
36.238.103.16	attackbots	Telnet/23 MH Probe, Scan, BF, Hack -	2020-05-26 21:07:12
103.238.111.207	attackbotsspam	Unauthorised access (May 26) SRC=103.238.111.207 LEN=48 TOS=0x10 PREC=0x40 TTL=111 ID=14350 DF TCP DPT=445 WINDOW=8192 SYN	2020-05-26 20:53:35
120.92.89.30	attackbotsspam	Lines containing failures of 120.92.89.30 May 25 16:54:11 www sshd[15899]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.89.30 user=r.r May 25 16:54:12 www sshd[15899]: Failed password for r.r from 120.92.89.30 port 48312 ssh2 May 25 16:54:13 www sshd[15899]: Received disconnect from 120.92.89.30 port 48312:11: Bye Bye [preauth] May 25 16:54:13 www sshd[15899]: Disconnected from authenticating user r.r 120.92.89.30 port 48312 [preauth] May 25 17:01:34 www sshd[17278]: Invalid user scanner from 120.92.89.30 port 47560 May 25 17:01:34 www sshd[17278]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.92.89.30 May 25 17:01:36 www sshd[17278]: Failed password for invalid user scanner from 120.92.89.30 port 47560 ssh2 May 25 17:01:37 www sshd[17278]: Received disconnect from 120.92.89.30 port 47560:11: Bye Bye [preauth] May 25 17:01:37 www sshd[17278]: Disconnected from invalid user sc........ ------------------------------	2020-05-26 21:03:48
128.1.106.22	attackspam	ICMP MH Probe, Scan /Distributed -	2020-05-26 20:39:13
193.112.179.145	attack	Invalid user admin from 193.112.179.145 port 50048	2020-05-26 20:48:24
93.174.93.143	attack	SSH bruteforce	2020-05-26 20:51:12
202.45.144.9	attack	May 26 12:50:53 scw-6657dc sshd[1917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.45.144.9 May 26 12:50:53 scw-6657dc sshd[1917]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=202.45.144.9 May 26 12:50:55 scw-6657dc sshd[1917]: Failed password for invalid user senaco from 202.45.144.9 port 59186 ssh2 ...	2020-05-26 21:15:16
51.159.52.209	attackspambots	May 26 12:18:52 * sshd[10791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.159.52.209 May 26 12:18:54 * sshd[10791]: Failed password for invalid user admin from 51.159.52.209 port 42860 ssh2	2020-05-26 21:11:52
88.20.216.90	attack	SSH/22 MH Probe, BF, Hack -	2020-05-26 20:44:51
104.248.92.180	attackbots	port scan and connect, tcp 23 (telnet)	2020-05-26 20:40:15
201.48.192.60	attack	2020-05-26T21:28:28.140477vivaldi2.tree2.info sshd[32725]: Invalid user vijaya from 201.48.192.60 2020-05-26T21:28:28.159432vivaldi2.tree2.info sshd[32725]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=201.48.192.60 2020-05-26T21:28:28.140477vivaldi2.tree2.info sshd[32725]: Invalid user vijaya from 201.48.192.60 2020-05-26T21:28:30.307503vivaldi2.tree2.info sshd[32725]: Failed password for invalid user vijaya from 201.48.192.60 port 49956 ssh2 2020-05-26T21:32:24.372823vivaldi2.tree2.info sshd[491]: Invalid user hxhtftp from 201.48.192.60 ...	2020-05-26 21:12:14

最近上报的IP列表

24.41.180.161	126.198.25.115	10.136.254.116	151.130.24.80
76.210.107.195	251.160.91.113	35.162.68.61	50.158.166.71
189.246.111.25	130.163.243.210	226.232.186.228	192.241.170.125
228.135.159.116	56.19.163.74	60.52.183.41	86.248.179.132
192.217.218.75	131.157.247.165	210.170.142.97	199.133.29.102